Total
12328 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40845 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks. | |||||
| CVE-2023-40844 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.' | |||||
| CVE-2023-40843 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004." | |||||
| CVE-2023-40842 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler." | |||||
| CVE-2023-40841 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node," | |||||
| CVE-2023-40840 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat." | |||||
| CVE-2023-40802 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | |||||
| CVE-2023-40799 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | |||||
| CVE-2023-40781 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function. | |||||
| CVE-2023-40711 | 1 Veilid | 1 Veilid | 2024-11-21 | N/A | 7.5 HIGH |
| Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023. | |||||
| CVE-2023-40652 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-40651 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-40574 | 1 Freerdp | 1 Freerdp | 2024-11-21 | N/A | 6.5 MEDIUM |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `writePixelBGRX` function. This issue is likely down to incorrect calculations of the `nHeight` and `srcStep` variables. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-40569 | 3 Debian, Fedoraproject, Freerdp | 3 Debian Linux, Fedora, Freerdp | 2024-11-21 | N/A | 6.5 MEDIUM |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSrc` variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability. | |||||
| CVE-2023-40567 | 3 Debian, Fedoraproject, Freerdp | 3 Debian Linux, Fedora, Freerdp | 2024-11-21 | N/A | 6.5 MEDIUM |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability. | |||||
| CVE-2023-40548 | 2 Fedoraproject, Redhat | 2 Fedora, Shim | 2024-11-21 | N/A | 7.4 HIGH |
| A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. | |||||
| CVE-2023-40547 | 1 Redhat | 2 Enterprise Linux, Shim | 2024-11-21 | N/A | 8.3 HIGH |
| A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. | |||||
| CVE-2023-40481 | 2024-11-21 | N/A | 7.8 HIGH | ||
| 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589. | |||||
| CVE-2023-40465 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.3 HIGH |
| Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal. | |||||
| CVE-2023-40308 | 1 Sap | 9 Commoncryptolib, Content Server, Extended Application Services And Runtime and 6 more | 2024-11-21 | N/A | 7.5 HIGH |
| SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information. | |||||